package com.zxp.common.core.security.authorize.impl;

import cn.hutool.core.util.StrUtil;
import com.zxp.common.core.security.authentication.handler.MyAuthenticationFailHandler;
import com.zxp.common.core.security.authorize.MyAuthorizationConfigurerService;
import com.zxp.common.core.security.properties.SecurityProperties;
import lombok.RequiredArgsConstructor;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;

/**
 * @author shollin
 * @desc
 * @date 2021/7/18/018 22:36
 */
@RequiredArgsConstructor
public class MyAuthorizationConfigurerServiceImpl implements MyAuthorizationConfigurerService {

    private final SecurityProperties securityProperties;

    @Override
    public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.antMatchers(// 读取配置文件，放开自定义路径的权限。
                getPermitUrls()
               ).permitAll();
    }

    public String[] getPermitUrls() {
        String permitUrls = securityProperties.getAuthorize().getPermitUrls();
        if (StringUtils.isNotBlank(permitUrls)) {
            // 将配置文件读出来的url去除空白
            permitUrls = StrUtil.trim(permitUrls,0);
            String[] urlArray = StringUtils.splitByWholeSeparator(permitUrls, ",");
            return urlArray;
        }
        return new String[] {};
    }
}
